@socketsecurity/cli-with-sentry 0.15.17 → 0.15.18
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/.config/tsconfig.dts.tsbuildinfo +1 -1
- package/dist/cli.js +187 -194
- package/dist/cli.js.map +1 -1
- package/dist/constants.js +3 -3
- package/dist/constants.js.map +1 -1
- package/dist/shadow-bin.js +5 -6
- package/dist/shadow-bin.js.map +1 -1
- package/dist/types/commands/fix/git.d.mts +1 -1
- package/dist/types/commands/fix/git.d.mts.map +1 -1
- package/dist/types/commands/fix/npm-fix.d.mts.map +1 -1
- package/dist/types/commands/fix/open-pr.d.mts +7 -2
- package/dist/types/commands/fix/open-pr.d.mts.map +1 -1
- package/dist/types/commands/fix/pnpm-fix.d.mts.map +1 -1
- package/dist/types/commands/manifest/convert_gradle_to_maven.d.mts.map +1 -1
- package/dist/types/shadow/npm/bin.d.mts.map +1 -1
- package/dist/vendor.js +18 -14
- package/dist/vendor.js.map +1 -1
- package/external/@socketsecurity/registry/lib/promises.d.ts +18 -4
- package/external/@socketsecurity/registry/lib/promises.js +112 -22
- package/external/@socketsecurity/registry/package.json +1 -1
- package/package.json +4 -4
package/dist/constants.js
CHANGED
|
@@ -122,10 +122,10 @@ const LAZY_ENV = () => {
|
|
|
122
122
|
INLINED_SOCKET_CLI_SENTRY_BUILD: envAsBoolean(true),
|
|
123
123
|
// Comp-time inlined Socket package version.
|
|
124
124
|
// The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
|
|
125
|
-
INLINED_SOCKET_CLI_VERSION: envAsString("0.15.
|
|
125
|
+
INLINED_SOCKET_CLI_VERSION: envAsString("0.15.18"),
|
|
126
126
|
// Comp-time inlined Socket package version hash.
|
|
127
127
|
// The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
|
|
128
|
-
INLINED_SOCKET_CLI_VERSION_HASH: envAsString("0.15.
|
|
128
|
+
INLINED_SOCKET_CLI_VERSION_HASH: envAsString("0.15.18:63c8f78:7fc993c7:pub"),
|
|
129
129
|
// Comp-time inlined synp package version.
|
|
130
130
|
// The '@rollup/plugin-replace' will replace "process.env['INLINED_SYNP_VERSION']".
|
|
131
131
|
INLINED_SYNP_VERSION: envAsString("1.9.14"),
|
|
@@ -408,5 +408,5 @@ const constants = createConstantsObject({
|
|
|
408
408
|
});
|
|
409
409
|
|
|
410
410
|
module.exports = constants;
|
|
411
|
-
//# debugId=
|
|
411
|
+
//# debugId=ee81fc5c-e26b-4d43-ac70-6acab3dba79
|
|
412
412
|
//# sourceMappingURL=constants.js.map
|
package/dist/constants.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"constants.js","sources":["../src/constants.mts"],"sourcesContent":["import { realpathSync } from 'node:fs'\nimport { createRequire } from 'node:module'\nimport os from 'node:os'\nimport path from 'node:path'\nimport { fileURLToPath } from 'node:url'\n\nimport registryConstants from '@socketsecurity/registry/lib/constants'\n\nimport type { Agent } from './utils/package-environment.mts'\nimport type { Remap } from '@socketsecurity/registry/lib/objects'\n\nconst require = createRequire(import.meta.url)\nconst __filename = fileURLToPath(import.meta.url)\nconst __dirname = path.dirname(__filename)\n\nconst {\n kInternalsSymbol,\n [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: {\n attributes: registryConstantsAttribs,\n createConstantsObject,\n getIpc,\n },\n} = registryConstants\n\ntype RegistryEnv = typeof registryConstants.ENV\n\ntype RegistryInternals = (typeof registryConstants)['Symbol(kInternalsSymbol)']\n\ntype Sentry = any\n\ntype Internals = Remap<\n Omit<RegistryInternals, 'getIpc'> &\n Readonly<{\n getIpc: {\n (): Promise<IPC>\n <K extends keyof IPC | undefined>(\n key?: K | undefined,\n ): Promise<K extends keyof IPC ? IPC[K] : IPC>\n }\n getSentry: () => Sentry\n setSentry(Sentry: Sentry): boolean\n }>\n>\n\ntype ENV = Remap<\n RegistryEnv &\n Readonly<{\n DISABLE_GITHUB_CACHE: boolean\n GITHUB_ACTIONS: boolean\n GITHUB_REF_NAME: string\n GITHUB_REF_TYPE: string\n GITHUB_REPOSITORY: string\n GITHUB_TOKEN: string\n INLINED_CYCLONEDX_CDXGEN_VERSION: string\n INLINED_SOCKET_CLI_HOMEPAGE: string\n INLINED_SOCKET_CLI_LEGACY_BUILD: string\n INLINED_SOCKET_CLI_NAME: string\n INLINED_SOCKET_CLI_PUBLISHED_BUILD: string\n INLINED_SOCKET_CLI_SENTRY_BUILD: string\n INLINED_SOCKET_CLI_VERSION: string\n INLINED_SOCKET_CLI_VERSION_HASH: string\n INLINED_SYNP_VERSION: string\n LOCALAPPDATA: string\n NODE_COMPILE_CACHE: string\n PATH: string\n SOCKET_CLI_ACCEPT_RISKS: boolean\n SOCKET_CLI_CONFIG: string\n SOCKET_CLI_DEBUG: boolean\n SOCKET_CLI_NO_API_TOKEN: boolean\n SOCKET_CLI_VIEW_ALL_RISKS: boolean\n SOCKET_SECURITY_API_BASE_URL: string\n SOCKET_SECURITY_API_PROXY: string\n SOCKET_SECURITY_API_TOKEN: string\n SOCKET_SECURITY_GITHUB_PAT: string\n TERM: string\n XDG_DATA_HOME: string\n }>\n>\n\ntype IPC = Readonly<{\n SOCKET_CLI_FIX?: string | undefined\n SOCKET_CLI_OPTIMIZE?: boolean | undefined\n SOCKET_CLI_SAFE_BIN?: string | undefined\n SOCKET_CLI_SAFE_PROGRESS?: boolean | undefined\n}>\n\ntype Constants = Remap<\n Omit<typeof registryConstants, 'Symbol(kInternalsSymbol)' | 'ENV' | 'IPC'> & {\n readonly 'Symbol(kInternalsSymbol)': Internals\n readonly ALERT_TYPE_CRITICAL_CVE: 'criticalCVE'\n readonly ALERT_TYPE_CVE: 'cve'\n readonly ALERT_TYPE_MEDIUM_CVE: 'mediumCVE'\n readonly ALERT_TYPE_MILD_CVE: 'mildCVE'\n readonly API_V0_URL: 'https://api.socket.dev/v0/'\n readonly BINARY_LOCK_EXT: '.lockb'\n readonly BUN: 'bun'\n readonly CLI: 'cli'\n readonly CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER: 'firstPatchedVersionIdentifier'\n readonly ENV: ENV\n readonly DRY_RUN_LABEL: '[DryRun]'\n readonly DRY_RUN_BAILING_NOW: '[DryRun] Bailing now'\n readonly DRY_RUN_NOT_SAVING: '[DryRun] Not saving'\n readonly IPC: IPC\n readonly LOCK_EXT: '.lock'\n readonly NPM_BUGGY_OVERRIDES_PATCHED_VERSION: '11.2.0'\n readonly NPM_REGISTRY_URL: 'https://registry.npmjs.org'\n readonly PNPM: 'pnpm'\n readonly REDACTED: '<redacted>'\n readonly SHADOW_BIN: 'shadow-bin'\n readonly SHADOW_INJECT: 'shadow-inject'\n readonly SOCKET: 'socket'\n readonly SOCKET_CLI_ACCEPT_RISKS: 'SOCKET_CLI_ACCEPT_RISKS'\n readonly SOCKET_CLI_BIN_NAME: 'socket'\n readonly SOCKET_CLI_BIN_NAME_ALIAS: 'cli'\n readonly SOCKET_CLI_CONFIG: 'SOCKET_CLI_CONFIG'\n readonly SOCKET_CLI_FIX: 'SOCKET_CLI_FIX'\n readonly SOCKET_CLI_ISSUES_URL: 'https://github.com/SocketDev/socket-cli/issues'\n readonly SOCKET_CLI_SENTRY_BIN_NAME_ALIAS: 'cli-with-sentry'\n readonly SOCKET_CLI_LEGACY_PACKAGE_NAME: '@socketsecurity/cli'\n readonly SOCKET_CLI_NPM_BIN_NAME: 'socket-npm'\n readonly SOCKET_CLI_NPX_BIN_NAME: 'socket-npx'\n readonly SOCKET_CLI_OPTIMIZE: 'SOCKET_CLI_OPTIMIZE'\n readonly SOCKET_CLI_PACKAGE_NAME: 'socket'\n readonly SOCKET_CLI_SAFE_BIN: 'SOCKET_CLI_SAFE_BIN'\n readonly SOCKET_CLI_SAFE_PROGRESS: 'SOCKET_CLI_SAFE_PROGRESS'\n readonly SOCKET_CLI_SENTRY_BIN_NAME: 'socket-with-sentry'\n readonly SOCKET_CLI_SENTRY_NPM_BIN_NAME: 'socket-npm-with-sentry'\n readonly SOCKET_CLI_SENTRY_NPX_BIN_NAME: 'socket-npx-with-sentry'\n readonly SOCKET_CLI_SENTRY_PACKAGE_NAME: '@socketsecurity/cli-with-sentry'\n readonly SOCKET_CLI_VIEW_ALL_RISKS: 'SOCKET_CLI_VIEW_ALL_RISKS'\n readonly SOCKET_WEBSITE_URL: 'https://socket.dev'\n readonly VLT: 'vlt'\n readonly WITH_SENTRY: 'with-sentry'\n readonly YARN: 'yarn'\n readonly YARN_BERRY: 'yarn/berry'\n readonly YARN_CLASSIC: 'yarn/classic'\n readonly YARN_LOCK: 'yarn.lock'\n readonly bashRcPath: string\n readonly blessedOptions: {\n smartCSR: boolean\n term: string\n useBCE: boolean\n }\n readonly distCliPath: string\n readonly distInstrumentWithSentryPath: string\n readonly distShadowBinPath: string\n readonly distShadowInjectPath: string\n readonly githubCachePath: string\n readonly homePath: string\n readonly minimumVersionByAgent: Map<Agent, string>\n readonly nmBinPath: string\n readonly nodeHardenFlags: string[]\n readonly rootBinPath: string\n readonly distPath: string\n readonly rootPath: string\n readonly shadowBinPath: string\n readonly socketAppDataPath: string\n readonly socketCachePath: string\n readonly zshRcPath: string\n }\n>\n\nconst ALERT_TYPE_CRITICAL_CVE = 'criticalCVE'\nconst ALERT_TYPE_CVE = 'cve'\nconst ALERT_TYPE_MEDIUM_CVE = 'mediumCVE'\nconst ALERT_TYPE_MILD_CVE = 'mildCVE'\nconst API_V0_URL = 'https://api.socket.dev/v0/'\nconst BINARY_LOCK_EXT = '.lockb'\nconst BUN = 'bun'\nconst CLI = 'cli'\nconst CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER =\n 'firstPatchedVersionIdentifier'\nconst DRY_RUN_LABEL = '[DryRun]'\nconst DRY_RUN_BAILING_NOW = `${DRY_RUN_LABEL}: Bailing now`\nconst DRY_RUN_NOT_SAVING = `${DRY_RUN_LABEL}: Not saving`\nconst LOCALAPPDATA = 'LOCALAPPDATA'\nconst LOCK_EXT = '.lock'\nconst NPM_BUGGY_OVERRIDES_PATCHED_VERSION = '11.2.0'\nconst NPM_REGISTRY_URL = 'https://registry.npmjs.org'\nconst PNPM = 'pnpm'\nconst REDACTED = '<redacted>'\nconst SHADOW_BIN = 'shadow-bin'\nconst SHADOW_INJECT = 'shadow-inject'\nconst SOCKET = 'socket'\nconst SOCKET_CLI_ACCEPT_RISKS = 'SOCKET_CLI_ACCEPT_RISKS'\nconst SOCKET_CLI_BIN_NAME = 'socket'\nconst SOCKET_CLI_BIN_NAME_ALIAS = 'cli'\nconst SOCKET_CLI_FIX = 'SOCKET_CLI_FIX'\nconst SOCKET_CLI_ISSUES_URL = 'https://github.com/SocketDev/socket-cli/issues'\nconst SOCKET_CLI_LEGACY_PACKAGE_NAME = '@socketsecurity/cli'\nconst SOCKET_CLI_OPTIMIZE = 'SOCKET_CLI_OPTIMIZE'\nconst SOCKET_CLI_NPM_BIN_NAME = 'socket-npm'\nconst SOCKET_CLI_NPX_BIN_NAME = 'socket-npx'\nconst SOCKET_CLI_PACKAGE_NAME = 'socket'\nconst SOCKET_CLI_SAFE_BIN = 'SOCKET_CLI_SAFE_BIN'\nconst SOCKET_CLI_SAFE_PROGRESS = 'SOCKET_CLI_SAFE_PROGRESS'\nconst SOCKET_CLI_SENTRY_BIN_NAME = 'socket-with-sentry'\nconst SOCKET_CLI_SENTRY_BIN_NAME_ALIAS = 'cli-with-sentry'\nconst SOCKET_CLI_SENTRY_NPM_BIN_NAME = 'socket-npm-with-sentry'\nconst SOCKET_CLI_SENTRY_NPX_BIN_NAME = 'socket-npx-with-sentry'\nconst SOCKET_CLI_SENTRY_PACKAGE_NAME = '@socketsecurity/cli-with-sentry'\nconst SOCKET_CLI_VIEW_ALL_RISKS = 'SOCKET_CLI_VIEW_ALL_RISKS'\nconst SOCKET_WEBSITE_URL = 'https://socket.dev'\nconst VLT = 'vlt'\nconst WITH_SENTRY = 'with-sentry'\nconst YARN = 'yarn'\nconst YARN_BERRY = 'yarn/berry'\nconst YARN_CLASSIC = 'yarn/classic'\nconst YARN_LOCK = 'yarn.lock'\n\nlet _Sentry: any\n\nconst LAZY_ENV = () => {\n const {\n envAsBoolean,\n envAsString,\n } = require('@socketsecurity/registry/lib/env')\n const { env } = process\n // We inline some environment values so that they CANNOT be influenced by user\n // provided environment variables.\n return Object.freeze({\n __proto__: null,\n // Lazily access registryConstants.ENV.\n ...registryConstants.ENV,\n // Flag to disable using GitHub's workflow actions/cache.\n // https://github.com/actions/cache\n DISABLE_GITHUB_CACHE: envAsBoolean(env['DISABLE_GITHUB_CACHE']),\n // Always set to true when GitHub Actions is running the workflow. This variable\n // can be used to differentiate when tests are being run locally or by GitHub Actions.\n // https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables\n GITHUB_ACTIONS: envAsBoolean(env['GITHUB_ACTIONS']),\n // The short ref name of the branch or tag that triggered the GitHub workflow run.\n // This value matches the branch or tag name shown on GitHub. For example, feature-branch-1.\n // For pull requests, the format is <pr_number>/merge.\n // https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables\n GITHUB_REF_NAME: envAsString(env['GITHUB_REF_NAME']),\n // The type of ref that triggered the workflow run. Valid values are branch or tag.\n // https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables\n GITHUB_REF_TYPE: envAsString(env['GITHUB_REF_TYPE']),\n // The owner and repository name. For example, octocat/Hello-World.\n // https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables\n GITHUB_REPOSITORY: envAsString(env['GITHUB_REPOSITORY']),\n // The GITHUB_TOKEN secret is a GitHub App installation access token. The token's\n // permissions are limited to the repository that contains the workflow.\n // https://docs.github.com/en/actions/security-for-github-actions/security-guides/automatic-token-authentication#about-the-github_token-secret\n GITHUB_TOKEN: envAsString(env['GITHUB_TOKEN']),\n // Comp-time inlined @cyclonedx/cdxgen package version.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_CYCLONEDX_CDXGEN_VERSION']\".\n INLINED_CYCLONEDX_CDXGEN_VERSION: envAsString(\n process.env['INLINED_CYCLONEDX_CDXGEN_VERSION'],\n ),\n // Comp-time inlined Socket package homepage.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_HOMEPAGE']\".\n INLINED_SOCKET_CLI_HOMEPAGE: envAsString(\n process.env['INLINED_SOCKET_CLI_HOMEPAGE'],\n ),\n // Comp-time inlined flag to determine if this is the Legacy build.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_LEGACY_BUILD']\".\n INLINED_SOCKET_CLI_LEGACY_BUILD: envAsBoolean(\n process.env['INLINED_SOCKET_CLI_LEGACY_BUILD'],\n ),\n // Comp-time inlined Socket package name.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_NAME']\".\n INLINED_SOCKET_CLI_NAME: envAsString(\n process.env['INLINED_SOCKET_CLI_NAME'],\n ),\n // Comp-time inlined flag to determine if this is a published build.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\".\n INLINED_SOCKET_CLI_PUBLISHED_BUILD: envAsBoolean(\n process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD'],\n ),\n // Comp-time inlined flag to determine if this is the Sentry build.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']\".\n INLINED_SOCKET_CLI_SENTRY_BUILD: envAsBoolean(\n process.env['INLINED_SOCKET_CLI_SENTRY_BUILD'],\n ),\n // Comp-time inlined Socket package version.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION']\".\n INLINED_SOCKET_CLI_VERSION: envAsString(\n process.env['INLINED_SOCKET_CLI_VERSION'],\n ),\n // Comp-time inlined Socket package version hash.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION_HASH']\".\n INLINED_SOCKET_CLI_VERSION_HASH: envAsString(\n process.env['INLINED_SOCKET_CLI_VERSION_HASH'],\n ),\n // Comp-time inlined synp package version.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SYNP_VERSION']\".\n INLINED_SYNP_VERSION: envAsString(process.env['INLINED_SYNP_VERSION']),\n // The location of the %localappdata% folder on Windows used to store user-specific,\n // non-roaming application data, like temporary files, cached data, and program\n // settings, that are specific to the current machine and user.\n LOCALAPPDATA: envAsString(env[LOCALAPPDATA]),\n // Flag to enable the module compile cache for the Node.js instance.\n // https://nodejs.org/api/cli.html#node_compile_cachedir\n NODE_COMPILE_CACHE:\n // Lazily access constants.SUPPORTS_NODE_COMPILE_CACHE_ENV_VAR.\n constants.SUPPORTS_NODE_COMPILE_CACHE_ENV_VAR\n ? // Lazily access constants.socketCachePath.\n constants.socketCachePath\n : '',\n // PATH is an environment variable that lists directories where executable\n // programs are located. When a command is run, the system searches these\n // directories to find the executable.\n PATH: envAsString(env['PATH']),\n // Flag to accepts risks of safe-npm and safe-npx run.\n SOCKET_CLI_ACCEPT_RISKS: envAsBoolean(env[SOCKET_CLI_ACCEPT_RISKS]),\n // Flag containing a JSON stringified Socket configuration object.\n SOCKET_CLI_CONFIG: envAsString(env['SOCKET_CLI_CONFIG']),\n // Flag to help debug Socket CLI.\n SOCKET_CLI_DEBUG: envAsBoolean(env['SOCKET_CLI_DEBUG']),\n // Flag to make the default API token `undefined`.\n SOCKET_CLI_NO_API_TOKEN: envAsBoolean(env['SOCKET_CLI_NO_API_TOKEN']),\n // Flag to view all risks of safe-npm and safe-npx run.\n SOCKET_CLI_VIEW_ALL_RISKS: envAsBoolean(env[SOCKET_CLI_VIEW_ALL_RISKS]),\n // Flag to change the base URL for all API-calls.\n // https://github.com/SocketDev/socket-cli?tab=readme-ov-file#environment-variables-for-development\n SOCKET_SECURITY_API_BASE_URL:\n envAsString(env['SOCKET_SECURITY_API_BASE_URL']) ||\n // For consistency; allow socket_cli prefix too\n envAsString(env['SOCKET_CLI_API_BASE_URL']),\n // Flag to set the proxy all requests are routed through.\n // https://github.com/SocketDev/socket-cli?tab=readme-ov-file#environment-variables-for-development\n SOCKET_SECURITY_API_PROXY:\n envAsString(env['SOCKET_SECURITY_API_PROXY']) ||\n // For consistency; allow socket_cli prefix too\n envAsString(env['SOCKET_CLI_API_BASE_URL']),\n // Flag to set the API token.\n // https://github.com/SocketDev/socket-cli?tab=readme-ov-file#environment-variables\n SOCKET_SECURITY_API_TOKEN:\n // Note: These are SOCKET_SECURITY prefixed because they're not specific\n // to the CLI. For the sake of consistency we'll also support the env\n // keys that do have the SOCKET_CLI prefix, it's an easy mistake.\n // In case multiple are supplied, the tokens supersede the keys and the\n // security prefix supersedes the cli prefix. \"Adventure mode\" ;)\n envAsString(env['SOCKET_SECURITY_API_TOKEN']) ||\n // Keep 'SOCKET_SECURITY_API_KEY' alias.\n // TODO: Remove 'SOCKET_SECURITY_API_KEY' alias.\n envAsString(env['SOCKET_SECURITY_API_KEY']) ||\n envAsString(env['SOCKET_CLI_API_TOKEN']) ||\n envAsString(env['SOCKET_CLI_API_KEY']),\n // A classic GitHub personal access token with the \"repo\" scope or a fine-grained\n // access token with read/write permissions set for \"Contents\" and \"Pull Request\".\n // https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens\n SOCKET_SECURITY_GITHUB_PAT: envAsString(env['SOCKET_SECURITY_GITHUB_PAT']),\n // Specifies the type of terminal or terminal emulator being used by the process.\n TERM: envAsString(env['TERM']),\n // The location of the base directory on Linux and MacOS used to store\n // user-specific data files, defaulting to $HOME/.local/share if not set or empty.\n XDG_DATA_HOME: envAsString(env['XDG_DATA_HOME']),\n })\n}\n\nconst lazyBashRcPath = () =>\n // Lazily access constants.homePath.\n path.join(constants.homePath, '.bashrc')\n\nconst lazyBlessedOptions = () =>\n Object.freeze({\n smartCSR: true,\n // Lazily access constants.WIN32.\n term: constants.WIN32 ? 'windows-ansi' : 'xterm',\n useBCE: true,\n })\n\nconst lazyDistCliPath = () =>\n // Lazily access constants.distPath.\n path.join(constants.distPath, 'cli.js')\n\nconst lazyDistInstrumentWithSentryPath = () =>\n // Lazily access constants.distPath.\n path.join(constants.distPath, 'instrument-with-sentry.js')\n\nconst lazyDistShadowBinPath = () =>\n // Lazily access constants.distPath.\n path.join(constants.distPath, `${SHADOW_BIN}.js`)\n\nconst lazyDistShadowInjectPath = () =>\n // Lazily access constants.distPath.\n path.join(constants.distPath, `${SHADOW_INJECT}.js`)\n\nconst lazyGithubCachePath = () =>\n // Lazily access constants.socketCachePath.\n path.join(constants.socketCachePath, 'github')\n\nconst lazyHomePath = () => os.homedir()\n\nconst lazyMinimumVersionByAgent = () =>\n new Map([\n // Bun >=1.1.39 supports the text-based lockfile.\n // https://bun.sh/blog/bun-lock-text-lockfile\n [BUN, '1.1.39'],\n // The npm version bundled with Node 18.\n // https://nodejs.org/en/about/previous-releases#looking-for-the-latest-release-of-a-version-branch\n ['npm', '10.8.2'],\n // 8.x is the earliest version to support Node 18.\n // https://pnpm.io/installation#compatibility\n // https://www.npmjs.com/package/pnpm?activeTab=versions\n [PNPM, '8.15.7'],\n // 4.x supports >= Node 18.12.0\n // https://github.com/yarnpkg/berry/blob/%40yarnpkg/core/4.1.0/CHANGELOG.md#400\n [YARN_BERRY, '4.0.0'],\n // Latest 1.x.\n // https://www.npmjs.com/package/yarn?activeTab=versions\n [YARN_CLASSIC, '1.22.22'],\n // vlt does not support overrides so we don't gate on it.\n [VLT, '*'],\n ])\n\nconst lazyNmBinPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, 'node_modules/.bin')\n\n// Redefine registryConstants.nodeHardenFlags to account for the\n// INLINED_SOCKET_CLI_SENTRY_BUILD environment variable.\nconst lazyNodeHardenFlags = () =>\n Object.freeze(\n // Lazily access constants.ENV.INLINED_SOCKET_CLI_SENTRY_BUILD.\n constants.ENV.INLINED_SOCKET_CLI_SENTRY_BUILD ||\n // Lazily access constants.WIN32.\n constants.WIN32\n ? []\n : // Harden Node security.\n // https://nodejs.org/en/learn/getting-started/security-best-practices\n [\n '--disable-proto',\n 'throw',\n // We have contributed the following patches to our dependencies to make\n // Node's --frozen-intrinsics workable.\n // √ https://github.com/SBoudrias/Inquirer.js/pull/1683\n // √ https://github.com/pnpm/components/pull/23\n '--frozen-intrinsics',\n '--no-deprecation',\n ],\n )\n\nconst lazyRootBinPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, 'bin')\n\nconst lazyDistPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, 'dist')\n\nconst lazyRootPath = () => path.join(realpathSync.native(__dirname), '..')\n\nconst lazySocketAppDataPath = (): string | undefined => {\n // Get the OS app data folder:\n // - Win: %LOCALAPPDATA% or fail?\n // - Mac: %XDG_DATA_HOME% or fallback to \"~/Library/Application Support/\"\n // - Linux: %XDG_DATA_HOME% or fallback to \"~/.local/share/\"\n // Note: LOCALAPPDATA is typically: C:\\Users\\USERNAME\\AppData\n // Note: XDG stands for \"X Desktop Group\", nowadays \"freedesktop.org\"\n // On most systems that path is: $HOME/.local/share\n // Then append `socket/settings`, so:\n // - Win: %LOCALAPPDATA%\\socket\\settings or return undefined\n // - Mac: %XDG_DATA_HOME%/socket/settings or \"~/Library/Application Support/socket/settings\"\n // - Linux: %XDG_DATA_HOME%/socket/settings or \"~/.local/share/socket/settings\"\n\n // Lazily access constants.WIN32.\n const { WIN32 } = constants\n let dataHome: string | undefined = WIN32\n ? // Lazily access constants.ENV.LOCALAPPDATA\n constants.ENV.LOCALAPPDATA\n : // Lazily access constants.ENV.XDG_DATA_HOME\n constants.ENV.XDG_DATA_HOME\n if (!dataHome) {\n if (WIN32) {\n const logger = require('@socketsecurity/registry/lib/logger')\n logger.warn(`Missing %${LOCALAPPDATA}%`)\n } else {\n dataHome = path.join(\n // Lazily access constants.homePath.\n constants.homePath,\n // Lazily access constants.DARWIN.\n constants.DARWIN ? 'Library/Application Support' : '.local/share',\n )\n }\n }\n return dataHome ? path.join(dataHome, 'socket/settings') : undefined\n}\n\nconst lazySocketCachePath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, '.cache')\n\nconst lazyShadowBinPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, SHADOW_BIN)\n\nconst lazyZshRcPath = () =>\n // Lazily access constants.homePath.\n path.join(constants.homePath, '.zshrc')\n\nconst constants: Constants = createConstantsObject(\n {\n ...registryConstantsAttribs.props,\n ALERT_TYPE_CRITICAL_CVE,\n ALERT_TYPE_CVE,\n ALERT_TYPE_MEDIUM_CVE,\n ALERT_TYPE_MILD_CVE,\n API_V0_URL,\n BINARY_LOCK_EXT,\n BUN,\n CLI,\n CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER,\n DRY_RUN_LABEL,\n DRY_RUN_BAILING_NOW,\n DRY_RUN_NOT_SAVING,\n ENV: undefined,\n LOCK_EXT,\n NPM_BUGGY_OVERRIDES_PATCHED_VERSION,\n NPM_REGISTRY_URL,\n PNPM,\n REDACTED,\n SHADOW_BIN,\n SHADOW_INJECT,\n SOCKET,\n SOCKET_CLI_ACCEPT_RISKS,\n SOCKET_CLI_BIN_NAME,\n SOCKET_CLI_BIN_NAME_ALIAS,\n SOCKET_CLI_FIX,\n SOCKET_CLI_ISSUES_URL,\n SOCKET_CLI_SENTRY_BIN_NAME_ALIAS,\n SOCKET_CLI_LEGACY_PACKAGE_NAME,\n SOCKET_CLI_NPM_BIN_NAME,\n SOCKET_CLI_NPX_BIN_NAME,\n SOCKET_CLI_OPTIMIZE,\n SOCKET_CLI_PACKAGE_NAME,\n SOCKET_CLI_SAFE_BIN,\n SOCKET_CLI_SAFE_PROGRESS,\n SOCKET_CLI_SENTRY_BIN_NAME,\n SOCKET_CLI_SENTRY_NPM_BIN_NAME,\n SOCKET_CLI_SENTRY_NPX_BIN_NAME,\n SOCKET_CLI_SENTRY_PACKAGE_NAME,\n SOCKET_CLI_VIEW_ALL_RISKS,\n SOCKET_WEBSITE_URL,\n VLT,\n WITH_SENTRY,\n YARN,\n YARN_BERRY,\n YARN_CLASSIC,\n YARN_LOCK,\n bashRcPath: undefined,\n blessedOptions: undefined,\n distCliPath: undefined,\n distInstrumentWithSentryPath: undefined,\n distPath: undefined,\n distShadowBinPath: undefined,\n distShadowInjectPath: undefined,\n githubCachePath: undefined,\n homePath: undefined,\n minimumVersionByAgent: undefined,\n nmBinPath: undefined,\n nodeHardenFlags: undefined,\n rootBinPath: undefined,\n rootPath: undefined,\n shadowBinPath: undefined,\n socketAppDataPath: undefined,\n socketCachePath: undefined,\n zshRcPath: undefined,\n },\n {\n getters: {\n ...registryConstantsAttribs.getters,\n ENV: LAZY_ENV,\n bashRcPath: lazyBashRcPath,\n blessedOptions: lazyBlessedOptions,\n distCliPath: lazyDistCliPath,\n distInstrumentWithSentryPath: lazyDistInstrumentWithSentryPath,\n distPath: lazyDistPath,\n distShadowBinPath: lazyDistShadowBinPath,\n distShadowInjectPath: lazyDistShadowInjectPath,\n githubCachePath: lazyGithubCachePath,\n homePath: lazyHomePath,\n minimumVersionByAgent: lazyMinimumVersionByAgent,\n nmBinPath: lazyNmBinPath,\n nodeHardenFlags: lazyNodeHardenFlags,\n rootBinPath: lazyRootBinPath,\n rootPath: lazyRootPath,\n shadowBinPath: lazyShadowBinPath,\n socketAppDataPath: lazySocketAppDataPath,\n socketCachePath: lazySocketCachePath,\n zshRcPath: lazyZshRcPath,\n },\n internals: {\n ...registryConstantsAttribs.internals,\n getIpc,\n getSentry() {\n return _Sentry\n },\n setSentry(Sentry: Sentry): boolean {\n if (_Sentry === undefined) {\n _Sentry = Sentry\n return true\n }\n return false\n },\n },\n },\n) as Constants\n\nexport default constants\n"],"names":["attributes","getIpc","envAsString","env","__proto__","DISABLE_GITHUB_CACHE","GITHUB_ACTIONS","GITHUB_REF_NAME","GITHUB_REF_TYPE","GITHUB_REPOSITORY","GITHUB_TOKEN","LOCALAPPDATA","constants","PATH","SOCKET_CLI_ACCEPT_RISKS","SOCKET_CLI_CONFIG","SOCKET_CLI_DEBUG","SOCKET_CLI_NO_API_TOKEN","SOCKET_CLI_VIEW_ALL_RISKS","SOCKET_SECURITY_API_BASE_URL","SOCKET_SECURITY_API_PROXY","SOCKET_SECURITY_GITHUB_PAT","TERM","XDG_DATA_HOME","path","smartCSR","term","useBCE","WIN32","logger","ENV","bashRcPath","blessedOptions","distCliPath","distInstrumentWithSentryPath","distPath","distShadowBinPath","distShadowInjectPath","githubCachePath","homePath","minimumVersionByAgent","nmBinPath","nodeHardenFlags","rootBinPath","rootPath","shadowBinPath","socketAppDataPath","socketCachePath","zshRcPath","getters","internals","getSentry","_Sentry"],"mappings":";;;;;;;;;;AAWA,iBAAA;AACA;AACA;AAEA;;AAEE;AACEA;;AAEAC;AACF;AACF;AA4IA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AAEA;;;AAGIC;AACF;;AACQC;AAAI;AACZ;AACA;;AAEEC;AACA;;AAEA;AACA;AACAC;AACA;AACA;AACA;AACAC;AACA;AACA;AACA;AACA;AACAC;AACA;AACA;AACAC;AACA;AACA;AACAC;AACA;AACA;AACA;AACAC;AACA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAEA;AACA;AACA;AACAC;AACA;AACA;;AAEE;AACAC;AACI;;AAGN;AACA;AACA;AACAC;AACA;AACAC;AACA;AACAC;AACA;AACAC;AACA;AACAC;AACA;AACAC;AACA;AACA;AACAC;AAEE;AACAjB;AACF;AACA;AACAkB;AAEE;AACAlB;AACF;AACA;;AAEE;AACA;AACA;AACA;AACA;AACAA;AACA;AACA;;AAIF;AACA;AACA;AACAmB;AACA;AACAC;AACA;AACA;AACAC;AACF;AACF;AAEA;AACE;AACAC;AAEF;AAEIC;AACA;AACAC;AACAC;AACF;AAEF;AACE;AACAH;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AAEA;AAEI;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGJ;AACE;AACAA;;AAEF;AACA;AACA;AAEI;AACAZ;AACE;AACAA;AAEE;AACA;AACA;AAGE;AACA;AACA;AACA;AACA;AAKV;AACE;AACAY;AAEF;AACE;AACAA;AAEF;AAEA;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;;AACQI;AAAM;;AAEV;;AAEA;;;AAGF;AACE;AACAC;AACF;;AAEI;AACAjB;AACA;AACAA;AAEJ;AACF;;AAEF;AAEA;AACE;AACAY;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEIZ;;;;;;;;;;;;;;AAeFkB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAkCAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACF;AAEEC;;AAEEnB;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;;AAEFE;;;AAGEC;AACE;;;;AAIEC;AACA;AACF;AACA;AACF;AACF;AACF;;","debugId":"28665ffc-b3fe-4e4d-bd9e-a258b16cb06"}
|
|
1
|
+
{"version":3,"file":"constants.js","sources":["../src/constants.mts"],"sourcesContent":["import { realpathSync } from 'node:fs'\nimport { createRequire } from 'node:module'\nimport os from 'node:os'\nimport path from 'node:path'\nimport { fileURLToPath } from 'node:url'\n\nimport registryConstants from '@socketsecurity/registry/lib/constants'\n\nimport type { Agent } from './utils/package-environment.mts'\nimport type { Remap } from '@socketsecurity/registry/lib/objects'\n\nconst require = createRequire(import.meta.url)\nconst __filename = fileURLToPath(import.meta.url)\nconst __dirname = path.dirname(__filename)\n\nconst {\n kInternalsSymbol,\n [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: {\n attributes: registryConstantsAttribs,\n createConstantsObject,\n getIpc,\n },\n} = registryConstants\n\ntype RegistryEnv = typeof registryConstants.ENV\n\ntype RegistryInternals = (typeof registryConstants)['Symbol(kInternalsSymbol)']\n\ntype Sentry = any\n\ntype Internals = Remap<\n Omit<RegistryInternals, 'getIpc'> &\n Readonly<{\n getIpc: {\n (): Promise<IPC>\n <K extends keyof IPC | undefined>(\n key?: K | undefined,\n ): Promise<K extends keyof IPC ? IPC[K] : IPC>\n }\n getSentry: () => Sentry\n setSentry(Sentry: Sentry): boolean\n }>\n>\n\ntype ENV = Remap<\n RegistryEnv &\n Readonly<{\n DISABLE_GITHUB_CACHE: boolean\n GITHUB_ACTIONS: boolean\n GITHUB_REF_NAME: string\n GITHUB_REF_TYPE: string\n GITHUB_REPOSITORY: string\n GITHUB_TOKEN: string\n INLINED_CYCLONEDX_CDXGEN_VERSION: string\n INLINED_SOCKET_CLI_HOMEPAGE: string\n INLINED_SOCKET_CLI_LEGACY_BUILD: string\n INLINED_SOCKET_CLI_NAME: string\n INLINED_SOCKET_CLI_PUBLISHED_BUILD: string\n INLINED_SOCKET_CLI_SENTRY_BUILD: string\n INLINED_SOCKET_CLI_VERSION: string\n INLINED_SOCKET_CLI_VERSION_HASH: string\n INLINED_SYNP_VERSION: string\n LOCALAPPDATA: string\n NODE_COMPILE_CACHE: string\n PATH: string\n SOCKET_CLI_ACCEPT_RISKS: boolean\n SOCKET_CLI_CONFIG: string\n SOCKET_CLI_DEBUG: boolean\n SOCKET_CLI_NO_API_TOKEN: boolean\n SOCKET_CLI_VIEW_ALL_RISKS: boolean\n SOCKET_SECURITY_API_BASE_URL: string\n SOCKET_SECURITY_API_PROXY: string\n SOCKET_SECURITY_API_TOKEN: string\n SOCKET_SECURITY_GITHUB_PAT: string\n TERM: string\n XDG_DATA_HOME: string\n }>\n>\n\ntype IPC = Readonly<{\n SOCKET_CLI_FIX?: string | undefined\n SOCKET_CLI_OPTIMIZE?: boolean | undefined\n SOCKET_CLI_SAFE_BIN?: string | undefined\n SOCKET_CLI_SAFE_PROGRESS?: boolean | undefined\n}>\n\ntype Constants = Remap<\n Omit<typeof registryConstants, 'Symbol(kInternalsSymbol)' | 'ENV' | 'IPC'> & {\n readonly 'Symbol(kInternalsSymbol)': Internals\n readonly ALERT_TYPE_CRITICAL_CVE: 'criticalCVE'\n readonly ALERT_TYPE_CVE: 'cve'\n readonly ALERT_TYPE_MEDIUM_CVE: 'mediumCVE'\n readonly ALERT_TYPE_MILD_CVE: 'mildCVE'\n readonly API_V0_URL: 'https://api.socket.dev/v0/'\n readonly BINARY_LOCK_EXT: '.lockb'\n readonly BUN: 'bun'\n readonly CLI: 'cli'\n readonly CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER: 'firstPatchedVersionIdentifier'\n readonly ENV: ENV\n readonly DRY_RUN_LABEL: '[DryRun]'\n readonly DRY_RUN_BAILING_NOW: '[DryRun] Bailing now'\n readonly DRY_RUN_NOT_SAVING: '[DryRun] Not saving'\n readonly IPC: IPC\n readonly LOCK_EXT: '.lock'\n readonly NPM_BUGGY_OVERRIDES_PATCHED_VERSION: '11.2.0'\n readonly NPM_REGISTRY_URL: 'https://registry.npmjs.org'\n readonly PNPM: 'pnpm'\n readonly REDACTED: '<redacted>'\n readonly SHADOW_BIN: 'shadow-bin'\n readonly SHADOW_INJECT: 'shadow-inject'\n readonly SOCKET: 'socket'\n readonly SOCKET_CLI_ACCEPT_RISKS: 'SOCKET_CLI_ACCEPT_RISKS'\n readonly SOCKET_CLI_BIN_NAME: 'socket'\n readonly SOCKET_CLI_BIN_NAME_ALIAS: 'cli'\n readonly SOCKET_CLI_CONFIG: 'SOCKET_CLI_CONFIG'\n readonly SOCKET_CLI_FIX: 'SOCKET_CLI_FIX'\n readonly SOCKET_CLI_ISSUES_URL: 'https://github.com/SocketDev/socket-cli/issues'\n readonly SOCKET_CLI_SENTRY_BIN_NAME_ALIAS: 'cli-with-sentry'\n readonly SOCKET_CLI_LEGACY_PACKAGE_NAME: '@socketsecurity/cli'\n readonly SOCKET_CLI_NPM_BIN_NAME: 'socket-npm'\n readonly SOCKET_CLI_NPX_BIN_NAME: 'socket-npx'\n readonly SOCKET_CLI_OPTIMIZE: 'SOCKET_CLI_OPTIMIZE'\n readonly SOCKET_CLI_PACKAGE_NAME: 'socket'\n readonly SOCKET_CLI_SAFE_BIN: 'SOCKET_CLI_SAFE_BIN'\n readonly SOCKET_CLI_SAFE_PROGRESS: 'SOCKET_CLI_SAFE_PROGRESS'\n readonly SOCKET_CLI_SENTRY_BIN_NAME: 'socket-with-sentry'\n readonly SOCKET_CLI_SENTRY_NPM_BIN_NAME: 'socket-npm-with-sentry'\n readonly SOCKET_CLI_SENTRY_NPX_BIN_NAME: 'socket-npx-with-sentry'\n readonly SOCKET_CLI_SENTRY_PACKAGE_NAME: '@socketsecurity/cli-with-sentry'\n readonly SOCKET_CLI_VIEW_ALL_RISKS: 'SOCKET_CLI_VIEW_ALL_RISKS'\n readonly SOCKET_WEBSITE_URL: 'https://socket.dev'\n readonly VLT: 'vlt'\n readonly WITH_SENTRY: 'with-sentry'\n readonly YARN: 'yarn'\n readonly YARN_BERRY: 'yarn/berry'\n readonly YARN_CLASSIC: 'yarn/classic'\n readonly YARN_LOCK: 'yarn.lock'\n readonly bashRcPath: string\n readonly blessedOptions: {\n smartCSR: boolean\n term: string\n useBCE: boolean\n }\n readonly distCliPath: string\n readonly distInstrumentWithSentryPath: string\n readonly distShadowBinPath: string\n readonly distShadowInjectPath: string\n readonly githubCachePath: string\n readonly homePath: string\n readonly minimumVersionByAgent: Map<Agent, string>\n readonly nmBinPath: string\n readonly nodeHardenFlags: string[]\n readonly rootBinPath: string\n readonly distPath: string\n readonly rootPath: string\n readonly shadowBinPath: string\n readonly socketAppDataPath: string\n readonly socketCachePath: string\n readonly zshRcPath: string\n }\n>\n\nconst ALERT_TYPE_CRITICAL_CVE = 'criticalCVE'\nconst ALERT_TYPE_CVE = 'cve'\nconst ALERT_TYPE_MEDIUM_CVE = 'mediumCVE'\nconst ALERT_TYPE_MILD_CVE = 'mildCVE'\nconst API_V0_URL = 'https://api.socket.dev/v0/'\nconst BINARY_LOCK_EXT = '.lockb'\nconst BUN = 'bun'\nconst CLI = 'cli'\nconst CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER =\n 'firstPatchedVersionIdentifier'\nconst DRY_RUN_LABEL = '[DryRun]'\nconst DRY_RUN_BAILING_NOW = `${DRY_RUN_LABEL}: Bailing now`\nconst DRY_RUN_NOT_SAVING = `${DRY_RUN_LABEL}: Not saving`\nconst LOCALAPPDATA = 'LOCALAPPDATA'\nconst LOCK_EXT = '.lock'\nconst NPM_BUGGY_OVERRIDES_PATCHED_VERSION = '11.2.0'\nconst NPM_REGISTRY_URL = 'https://registry.npmjs.org'\nconst PNPM = 'pnpm'\nconst REDACTED = '<redacted>'\nconst SHADOW_BIN = 'shadow-bin'\nconst SHADOW_INJECT = 'shadow-inject'\nconst SOCKET = 'socket'\nconst SOCKET_CLI_ACCEPT_RISKS = 'SOCKET_CLI_ACCEPT_RISKS'\nconst SOCKET_CLI_BIN_NAME = 'socket'\nconst SOCKET_CLI_BIN_NAME_ALIAS = 'cli'\nconst SOCKET_CLI_FIX = 'SOCKET_CLI_FIX'\nconst SOCKET_CLI_ISSUES_URL = 'https://github.com/SocketDev/socket-cli/issues'\nconst SOCKET_CLI_LEGACY_PACKAGE_NAME = '@socketsecurity/cli'\nconst SOCKET_CLI_OPTIMIZE = 'SOCKET_CLI_OPTIMIZE'\nconst SOCKET_CLI_NPM_BIN_NAME = 'socket-npm'\nconst SOCKET_CLI_NPX_BIN_NAME = 'socket-npx'\nconst SOCKET_CLI_PACKAGE_NAME = 'socket'\nconst SOCKET_CLI_SAFE_BIN = 'SOCKET_CLI_SAFE_BIN'\nconst SOCKET_CLI_SAFE_PROGRESS = 'SOCKET_CLI_SAFE_PROGRESS'\nconst SOCKET_CLI_SENTRY_BIN_NAME = 'socket-with-sentry'\nconst SOCKET_CLI_SENTRY_BIN_NAME_ALIAS = 'cli-with-sentry'\nconst SOCKET_CLI_SENTRY_NPM_BIN_NAME = 'socket-npm-with-sentry'\nconst SOCKET_CLI_SENTRY_NPX_BIN_NAME = 'socket-npx-with-sentry'\nconst SOCKET_CLI_SENTRY_PACKAGE_NAME = '@socketsecurity/cli-with-sentry'\nconst SOCKET_CLI_VIEW_ALL_RISKS = 'SOCKET_CLI_VIEW_ALL_RISKS'\nconst SOCKET_WEBSITE_URL = 'https://socket.dev'\nconst VLT = 'vlt'\nconst WITH_SENTRY = 'with-sentry'\nconst YARN = 'yarn'\nconst YARN_BERRY = 'yarn/berry'\nconst YARN_CLASSIC = 'yarn/classic'\nconst YARN_LOCK = 'yarn.lock'\n\nlet _Sentry: any\n\nconst LAZY_ENV = () => {\n const {\n envAsBoolean,\n envAsString,\n } = require('@socketsecurity/registry/lib/env')\n const { env } = process\n // We inline some environment values so that they CANNOT be influenced by user\n // provided environment variables.\n return Object.freeze({\n __proto__: null,\n // Lazily access registryConstants.ENV.\n ...registryConstants.ENV,\n // Flag to disable using GitHub's workflow actions/cache.\n // https://github.com/actions/cache\n DISABLE_GITHUB_CACHE: envAsBoolean(env['DISABLE_GITHUB_CACHE']),\n // Always set to true when GitHub Actions is running the workflow. This variable\n // can be used to differentiate when tests are being run locally or by GitHub Actions.\n // https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables\n GITHUB_ACTIONS: envAsBoolean(env['GITHUB_ACTIONS']),\n // The short ref name of the branch or tag that triggered the GitHub workflow run.\n // This value matches the branch or tag name shown on GitHub. For example, feature-branch-1.\n // For pull requests, the format is <pr_number>/merge.\n // https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables\n GITHUB_REF_NAME: envAsString(env['GITHUB_REF_NAME']),\n // The type of ref that triggered the workflow run. Valid values are branch or tag.\n // https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables\n GITHUB_REF_TYPE: envAsString(env['GITHUB_REF_TYPE']),\n // The owner and repository name. For example, octocat/Hello-World.\n // https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables\n GITHUB_REPOSITORY: envAsString(env['GITHUB_REPOSITORY']),\n // The GITHUB_TOKEN secret is a GitHub App installation access token. The token's\n // permissions are limited to the repository that contains the workflow.\n // https://docs.github.com/en/actions/security-for-github-actions/security-guides/automatic-token-authentication#about-the-github_token-secret\n GITHUB_TOKEN: envAsString(env['GITHUB_TOKEN']),\n // Comp-time inlined @cyclonedx/cdxgen package version.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_CYCLONEDX_CDXGEN_VERSION']\".\n INLINED_CYCLONEDX_CDXGEN_VERSION: envAsString(\n process.env['INLINED_CYCLONEDX_CDXGEN_VERSION'],\n ),\n // Comp-time inlined Socket package homepage.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_HOMEPAGE']\".\n INLINED_SOCKET_CLI_HOMEPAGE: envAsString(\n process.env['INLINED_SOCKET_CLI_HOMEPAGE'],\n ),\n // Comp-time inlined flag to determine if this is the Legacy build.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_LEGACY_BUILD']\".\n INLINED_SOCKET_CLI_LEGACY_BUILD: envAsBoolean(\n process.env['INLINED_SOCKET_CLI_LEGACY_BUILD'],\n ),\n // Comp-time inlined Socket package name.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_NAME']\".\n INLINED_SOCKET_CLI_NAME: envAsString(\n process.env['INLINED_SOCKET_CLI_NAME'],\n ),\n // Comp-time inlined flag to determine if this is a published build.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\".\n INLINED_SOCKET_CLI_PUBLISHED_BUILD: envAsBoolean(\n process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD'],\n ),\n // Comp-time inlined flag to determine if this is the Sentry build.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']\".\n INLINED_SOCKET_CLI_SENTRY_BUILD: envAsBoolean(\n process.env['INLINED_SOCKET_CLI_SENTRY_BUILD'],\n ),\n // Comp-time inlined Socket package version.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION']\".\n INLINED_SOCKET_CLI_VERSION: envAsString(\n process.env['INLINED_SOCKET_CLI_VERSION'],\n ),\n // Comp-time inlined Socket package version hash.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION_HASH']\".\n INLINED_SOCKET_CLI_VERSION_HASH: envAsString(\n process.env['INLINED_SOCKET_CLI_VERSION_HASH'],\n ),\n // Comp-time inlined synp package version.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SYNP_VERSION']\".\n INLINED_SYNP_VERSION: envAsString(process.env['INLINED_SYNP_VERSION']),\n // The location of the %localappdata% folder on Windows used to store user-specific,\n // non-roaming application data, like temporary files, cached data, and program\n // settings, that are specific to the current machine and user.\n LOCALAPPDATA: envAsString(env[LOCALAPPDATA]),\n // Flag to enable the module compile cache for the Node.js instance.\n // https://nodejs.org/api/cli.html#node_compile_cachedir\n NODE_COMPILE_CACHE:\n // Lazily access constants.SUPPORTS_NODE_COMPILE_CACHE_ENV_VAR.\n constants.SUPPORTS_NODE_COMPILE_CACHE_ENV_VAR\n ? // Lazily access constants.socketCachePath.\n constants.socketCachePath\n : '',\n // PATH is an environment variable that lists directories where executable\n // programs are located. When a command is run, the system searches these\n // directories to find the executable.\n PATH: envAsString(env['PATH']),\n // Flag to accepts risks of safe-npm and safe-npx run.\n SOCKET_CLI_ACCEPT_RISKS: envAsBoolean(env[SOCKET_CLI_ACCEPT_RISKS]),\n // Flag containing a JSON stringified Socket configuration object.\n SOCKET_CLI_CONFIG: envAsString(env['SOCKET_CLI_CONFIG']),\n // Flag to help debug Socket CLI.\n SOCKET_CLI_DEBUG: envAsBoolean(env['SOCKET_CLI_DEBUG']),\n // Flag to make the default API token `undefined`.\n SOCKET_CLI_NO_API_TOKEN: envAsBoolean(env['SOCKET_CLI_NO_API_TOKEN']),\n // Flag to view all risks of safe-npm and safe-npx run.\n SOCKET_CLI_VIEW_ALL_RISKS: envAsBoolean(env[SOCKET_CLI_VIEW_ALL_RISKS]),\n // Flag to change the base URL for all API-calls.\n // https://github.com/SocketDev/socket-cli?tab=readme-ov-file#environment-variables-for-development\n SOCKET_SECURITY_API_BASE_URL:\n envAsString(env['SOCKET_SECURITY_API_BASE_URL']) ||\n // For consistency; allow socket_cli prefix too\n envAsString(env['SOCKET_CLI_API_BASE_URL']),\n // Flag to set the proxy all requests are routed through.\n // https://github.com/SocketDev/socket-cli?tab=readme-ov-file#environment-variables-for-development\n SOCKET_SECURITY_API_PROXY:\n envAsString(env['SOCKET_SECURITY_API_PROXY']) ||\n // For consistency; allow socket_cli prefix too\n envAsString(env['SOCKET_CLI_API_BASE_URL']),\n // Flag to set the API token.\n // https://github.com/SocketDev/socket-cli?tab=readme-ov-file#environment-variables\n SOCKET_SECURITY_API_TOKEN:\n // Note: These are SOCKET_SECURITY prefixed because they're not specific\n // to the CLI. For the sake of consistency we'll also support the env\n // keys that do have the SOCKET_CLI prefix, it's an easy mistake.\n // In case multiple are supplied, the tokens supersede the keys and the\n // security prefix supersedes the cli prefix. \"Adventure mode\" ;)\n envAsString(env['SOCKET_SECURITY_API_TOKEN']) ||\n // Keep 'SOCKET_SECURITY_API_KEY' alias.\n // TODO: Remove 'SOCKET_SECURITY_API_KEY' alias.\n envAsString(env['SOCKET_SECURITY_API_KEY']) ||\n envAsString(env['SOCKET_CLI_API_TOKEN']) ||\n envAsString(env['SOCKET_CLI_API_KEY']),\n // A classic GitHub personal access token with the \"repo\" scope or a fine-grained\n // access token with read/write permissions set for \"Contents\" and \"Pull Request\".\n // https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens\n SOCKET_SECURITY_GITHUB_PAT: envAsString(env['SOCKET_SECURITY_GITHUB_PAT']),\n // Specifies the type of terminal or terminal emulator being used by the process.\n TERM: envAsString(env['TERM']),\n // The location of the base directory on Linux and MacOS used to store\n // user-specific data files, defaulting to $HOME/.local/share if not set or empty.\n XDG_DATA_HOME: envAsString(env['XDG_DATA_HOME']),\n })\n}\n\nconst lazyBashRcPath = () =>\n // Lazily access constants.homePath.\n path.join(constants.homePath, '.bashrc')\n\nconst lazyBlessedOptions = () =>\n Object.freeze({\n smartCSR: true,\n // Lazily access constants.WIN32.\n term: constants.WIN32 ? 'windows-ansi' : 'xterm',\n useBCE: true,\n })\n\nconst lazyDistCliPath = () =>\n // Lazily access constants.distPath.\n path.join(constants.distPath, 'cli.js')\n\nconst lazyDistInstrumentWithSentryPath = () =>\n // Lazily access constants.distPath.\n path.join(constants.distPath, 'instrument-with-sentry.js')\n\nconst lazyDistShadowBinPath = () =>\n // Lazily access constants.distPath.\n path.join(constants.distPath, `${SHADOW_BIN}.js`)\n\nconst lazyDistShadowInjectPath = () =>\n // Lazily access constants.distPath.\n path.join(constants.distPath, `${SHADOW_INJECT}.js`)\n\nconst lazyGithubCachePath = () =>\n // Lazily access constants.socketCachePath.\n path.join(constants.socketCachePath, 'github')\n\nconst lazyHomePath = () => os.homedir()\n\nconst lazyMinimumVersionByAgent = () =>\n new Map([\n // Bun >=1.1.39 supports the text-based lockfile.\n // https://bun.sh/blog/bun-lock-text-lockfile\n [BUN, '1.1.39'],\n // The npm version bundled with Node 18.\n // https://nodejs.org/en/about/previous-releases#looking-for-the-latest-release-of-a-version-branch\n ['npm', '10.8.2'],\n // 8.x is the earliest version to support Node 18.\n // https://pnpm.io/installation#compatibility\n // https://www.npmjs.com/package/pnpm?activeTab=versions\n [PNPM, '8.15.7'],\n // 4.x supports >= Node 18.12.0\n // https://github.com/yarnpkg/berry/blob/%40yarnpkg/core/4.1.0/CHANGELOG.md#400\n [YARN_BERRY, '4.0.0'],\n // Latest 1.x.\n // https://www.npmjs.com/package/yarn?activeTab=versions\n [YARN_CLASSIC, '1.22.22'],\n // vlt does not support overrides so we don't gate on it.\n [VLT, '*'],\n ])\n\nconst lazyNmBinPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, 'node_modules/.bin')\n\n// Redefine registryConstants.nodeHardenFlags to account for the\n// INLINED_SOCKET_CLI_SENTRY_BUILD environment variable.\nconst lazyNodeHardenFlags = () =>\n Object.freeze(\n // Lazily access constants.ENV.INLINED_SOCKET_CLI_SENTRY_BUILD.\n constants.ENV.INLINED_SOCKET_CLI_SENTRY_BUILD ||\n // Lazily access constants.WIN32.\n constants.WIN32\n ? []\n : // Harden Node security.\n // https://nodejs.org/en/learn/getting-started/security-best-practices\n [\n '--disable-proto',\n 'throw',\n // We have contributed the following patches to our dependencies to make\n // Node's --frozen-intrinsics workable.\n // √ https://github.com/SBoudrias/Inquirer.js/pull/1683\n // √ https://github.com/pnpm/components/pull/23\n '--frozen-intrinsics',\n '--no-deprecation',\n ],\n )\n\nconst lazyRootBinPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, 'bin')\n\nconst lazyDistPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, 'dist')\n\nconst lazyRootPath = () => path.join(realpathSync.native(__dirname), '..')\n\nconst lazySocketAppDataPath = (): string | undefined => {\n // Get the OS app data folder:\n // - Win: %LOCALAPPDATA% or fail?\n // - Mac: %XDG_DATA_HOME% or fallback to \"~/Library/Application Support/\"\n // - Linux: %XDG_DATA_HOME% or fallback to \"~/.local/share/\"\n // Note: LOCALAPPDATA is typically: C:\\Users\\USERNAME\\AppData\n // Note: XDG stands for \"X Desktop Group\", nowadays \"freedesktop.org\"\n // On most systems that path is: $HOME/.local/share\n // Then append `socket/settings`, so:\n // - Win: %LOCALAPPDATA%\\socket\\settings or return undefined\n // - Mac: %XDG_DATA_HOME%/socket/settings or \"~/Library/Application Support/socket/settings\"\n // - Linux: %XDG_DATA_HOME%/socket/settings or \"~/.local/share/socket/settings\"\n\n // Lazily access constants.WIN32.\n const { WIN32 } = constants\n let dataHome: string | undefined = WIN32\n ? // Lazily access constants.ENV.LOCALAPPDATA\n constants.ENV.LOCALAPPDATA\n : // Lazily access constants.ENV.XDG_DATA_HOME\n constants.ENV.XDG_DATA_HOME\n if (!dataHome) {\n if (WIN32) {\n const logger = require('@socketsecurity/registry/lib/logger')\n logger.warn(`Missing %${LOCALAPPDATA}%`)\n } else {\n dataHome = path.join(\n // Lazily access constants.homePath.\n constants.homePath,\n // Lazily access constants.DARWIN.\n constants.DARWIN ? 'Library/Application Support' : '.local/share',\n )\n }\n }\n return dataHome ? path.join(dataHome, 'socket/settings') : undefined\n}\n\nconst lazySocketCachePath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, '.cache')\n\nconst lazyShadowBinPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, SHADOW_BIN)\n\nconst lazyZshRcPath = () =>\n // Lazily access constants.homePath.\n path.join(constants.homePath, '.zshrc')\n\nconst constants: Constants = createConstantsObject(\n {\n ...registryConstantsAttribs.props,\n ALERT_TYPE_CRITICAL_CVE,\n ALERT_TYPE_CVE,\n ALERT_TYPE_MEDIUM_CVE,\n ALERT_TYPE_MILD_CVE,\n API_V0_URL,\n BINARY_LOCK_EXT,\n BUN,\n CLI,\n CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER,\n DRY_RUN_LABEL,\n DRY_RUN_BAILING_NOW,\n DRY_RUN_NOT_SAVING,\n ENV: undefined,\n LOCK_EXT,\n NPM_BUGGY_OVERRIDES_PATCHED_VERSION,\n NPM_REGISTRY_URL,\n PNPM,\n REDACTED,\n SHADOW_BIN,\n SHADOW_INJECT,\n SOCKET,\n SOCKET_CLI_ACCEPT_RISKS,\n SOCKET_CLI_BIN_NAME,\n SOCKET_CLI_BIN_NAME_ALIAS,\n SOCKET_CLI_FIX,\n SOCKET_CLI_ISSUES_URL,\n SOCKET_CLI_SENTRY_BIN_NAME_ALIAS,\n SOCKET_CLI_LEGACY_PACKAGE_NAME,\n SOCKET_CLI_NPM_BIN_NAME,\n SOCKET_CLI_NPX_BIN_NAME,\n SOCKET_CLI_OPTIMIZE,\n SOCKET_CLI_PACKAGE_NAME,\n SOCKET_CLI_SAFE_BIN,\n SOCKET_CLI_SAFE_PROGRESS,\n SOCKET_CLI_SENTRY_BIN_NAME,\n SOCKET_CLI_SENTRY_NPM_BIN_NAME,\n SOCKET_CLI_SENTRY_NPX_BIN_NAME,\n SOCKET_CLI_SENTRY_PACKAGE_NAME,\n SOCKET_CLI_VIEW_ALL_RISKS,\n SOCKET_WEBSITE_URL,\n VLT,\n WITH_SENTRY,\n YARN,\n YARN_BERRY,\n YARN_CLASSIC,\n YARN_LOCK,\n bashRcPath: undefined,\n blessedOptions: undefined,\n distCliPath: undefined,\n distInstrumentWithSentryPath: undefined,\n distPath: undefined,\n distShadowBinPath: undefined,\n distShadowInjectPath: undefined,\n githubCachePath: undefined,\n homePath: undefined,\n minimumVersionByAgent: undefined,\n nmBinPath: undefined,\n nodeHardenFlags: undefined,\n rootBinPath: undefined,\n rootPath: undefined,\n shadowBinPath: undefined,\n socketAppDataPath: undefined,\n socketCachePath: undefined,\n zshRcPath: undefined,\n },\n {\n getters: {\n ...registryConstantsAttribs.getters,\n ENV: LAZY_ENV,\n bashRcPath: lazyBashRcPath,\n blessedOptions: lazyBlessedOptions,\n distCliPath: lazyDistCliPath,\n distInstrumentWithSentryPath: lazyDistInstrumentWithSentryPath,\n distPath: lazyDistPath,\n distShadowBinPath: lazyDistShadowBinPath,\n distShadowInjectPath: lazyDistShadowInjectPath,\n githubCachePath: lazyGithubCachePath,\n homePath: lazyHomePath,\n minimumVersionByAgent: lazyMinimumVersionByAgent,\n nmBinPath: lazyNmBinPath,\n nodeHardenFlags: lazyNodeHardenFlags,\n rootBinPath: lazyRootBinPath,\n rootPath: lazyRootPath,\n shadowBinPath: lazyShadowBinPath,\n socketAppDataPath: lazySocketAppDataPath,\n socketCachePath: lazySocketCachePath,\n zshRcPath: lazyZshRcPath,\n },\n internals: {\n ...registryConstantsAttribs.internals,\n getIpc,\n getSentry() {\n return _Sentry\n },\n setSentry(Sentry: Sentry): boolean {\n if (_Sentry === undefined) {\n _Sentry = Sentry\n return true\n }\n return false\n },\n },\n },\n) as Constants\n\nexport default constants\n"],"names":["attributes","getIpc","envAsString","env","__proto__","DISABLE_GITHUB_CACHE","GITHUB_ACTIONS","GITHUB_REF_NAME","GITHUB_REF_TYPE","GITHUB_REPOSITORY","GITHUB_TOKEN","LOCALAPPDATA","constants","PATH","SOCKET_CLI_ACCEPT_RISKS","SOCKET_CLI_CONFIG","SOCKET_CLI_DEBUG","SOCKET_CLI_NO_API_TOKEN","SOCKET_CLI_VIEW_ALL_RISKS","SOCKET_SECURITY_API_BASE_URL","SOCKET_SECURITY_API_PROXY","SOCKET_SECURITY_GITHUB_PAT","TERM","XDG_DATA_HOME","path","smartCSR","term","useBCE","WIN32","logger","ENV","bashRcPath","blessedOptions","distCliPath","distInstrumentWithSentryPath","distPath","distShadowBinPath","distShadowInjectPath","githubCachePath","homePath","minimumVersionByAgent","nmBinPath","nodeHardenFlags","rootBinPath","rootPath","shadowBinPath","socketAppDataPath","socketCachePath","zshRcPath","getters","internals","getSentry","_Sentry"],"mappings":";;;;;;;;;;AAWA,iBAAA;AACA;AACA;AAEA;;AAEE;AACEA;;AAEAC;AACF;AACF;AA4IA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AAEA;;;AAGIC;AACF;;AACQC;AAAI;AACZ;AACA;;AAEEC;AACA;;AAEA;AACA;AACAC;AACA;AACA;AACA;AACAC;AACA;AACA;AACA;AACA;AACAC;AACA;AACA;AACAC;AACA;AACA;AACAC;AACA;AACA;AACA;AACAC;AACA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAEA;AACA;AACA;AACAC;AACA;AACA;;AAEE;AACAC;AACI;;AAGN;AACA;AACA;AACAC;AACA;AACAC;AACA;AACAC;AACA;AACAC;AACA;AACAC;AACA;AACAC;AACA;AACA;AACAC;AAEE;AACAjB;AACF;AACA;AACAkB;AAEE;AACAlB;AACF;AACA;;AAEE;AACA;AACA;AACA;AACA;AACAA;AACA;AACA;;AAIF;AACA;AACA;AACAmB;AACA;AACAC;AACA;AACA;AACAC;AACF;AACF;AAEA;AACE;AACAC;AAEF;AAEIC;AACA;AACAC;AACAC;AACF;AAEF;AACE;AACAH;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AAEA;AAEI;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGJ;AACE;AACAA;;AAEF;AACA;AACA;AAEI;AACAZ;AACE;AACAA;AAEE;AACA;AACA;AAGE;AACA;AACA;AACA;AACA;AAKV;AACE;AACAY;AAEF;AACE;AACAA;AAEF;AAEA;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;;AACQI;AAAM;;AAEV;;AAEA;;;AAGF;AACE;AACAC;AACF;;AAEI;AACAjB;AACA;AACAA;AAEJ;AACF;;AAEF;AAEA;AACE;AACAY;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEIZ;;;;;;;;;;;;;;AAeFkB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAkCAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACF;AAEEC;;AAEEnB;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;;AAEFE;;;AAGEC;AACE;;;;AAIEC;AACA;AACF;AACA;AACF;AACF;AACF;;","debugId":"ee81fc5c-e26b-4d43-ac70-6acab3dba79"}
|
package/dist/shadow-bin.js
CHANGED
|
@@ -61,12 +61,11 @@ async function shadowBin(binName, args = process.argv.slice(2)) {
|
|
|
61
61
|
// Lazily access constants.SUPPORTS_NODE_PERMISSION_FLAG.
|
|
62
62
|
constants.SUPPORTS_NODE_PERMISSION_FLAG ? await (async () => {
|
|
63
63
|
const cwd = process.cwd();
|
|
64
|
-
const
|
|
64
|
+
const stdioPipeOptions = {
|
|
65
65
|
cwd
|
|
66
|
-
}
|
|
67
|
-
const
|
|
68
|
-
|
|
69
|
-
})).stdout.trim();
|
|
66
|
+
};
|
|
67
|
+
const globalPrefix = (await spawn.spawn('npm', ['prefix', '-g'], stdioPipeOptions)).stdout.trim();
|
|
68
|
+
const npmCachePath = (await spawn.spawn('npm', ['config', 'get', 'cache'], stdioPipeOptions)).stdout.trim();
|
|
70
69
|
return ['--permission', '--allow-child-process',
|
|
71
70
|
// '--allow-addons',
|
|
72
71
|
// '--allow-wasi',
|
|
@@ -128,5 +127,5 @@ async function shadowBin(binName, args = process.argv.slice(2)) {
|
|
|
128
127
|
}
|
|
129
128
|
|
|
130
129
|
module.exports = shadowBin;
|
|
131
|
-
//# debugId=
|
|
130
|
+
//# debugId=aa1eba9e-48da-4d61-a375-eae39c06793d
|
|
132
131
|
//# sourceMappingURL=shadow-bin.js.map
|
package/dist/shadow-bin.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"shadow-bin.js","sources":["../src/shadow/npm/link.mts","../src/shadow/npm/bin.mts"],"sourcesContent":["import path from 'node:path'\n\nimport cmdShim from 'cmd-shim'\n\nimport constants from '../../constants.mts'\nimport {\n getNpmBinPath,\n getNpxBinPath,\n isNpmBinPathShadowed,\n isNpxBinPathShadowed,\n} from '../../utils/npm-paths.mts'\n\nconst { CLI, NPX } = constants\n\nexport async function installLinks(\n realBinPath: string,\n binName: 'npm' | 'npx',\n): Promise<string> {\n const isNpx = binName === NPX\n // Find package manager being shadowed by this process.\n const binPath = isNpx ? getNpxBinPath() : getNpmBinPath()\n // Lazily access constants.WIN32.\n const { WIN32 } = constants\n // TODO: Is this early exit needed?\n if (WIN32 && binPath) {\n return binPath\n }\n const shadowed = isNpx ? isNpxBinPathShadowed() : isNpmBinPathShadowed()\n // Move our bin directory to front of PATH so its found first.\n if (!shadowed) {\n if (WIN32) {\n await cmdShim(\n // Lazily access constants.distPath.\n path.join(constants.distPath, `${binName}-${CLI}.js`),\n path.join(realBinPath, binName),\n )\n }\n const { env } = process\n env['PATH'] = `${realBinPath}${path.delimiter}${env['PATH']}`\n }\n return binPath\n}\n","import { isDebug } from '@socketsecurity/registry/lib/debug'\nimport {\n isLoglevelFlag,\n isNodeOptionsFlag,\n isProgressFlag,\n} from '@socketsecurity/registry/lib/npm'\nimport { spawn } from '@socketsecurity/registry/lib/spawn'\n\nimport { installLinks } from './link.mts'\nimport constants from '../../constants.mts'\nimport { cmdFlagsToString } from '../../utils/cmd.mts'\n\nconst { SOCKET_CLI_SAFE_BIN, SOCKET_CLI_SAFE_PROGRESS, SOCKET_IPC_HANDSHAKE } =\n constants\n\nexport default async function shadowBin(\n binName: 'npm' | 'npx',\n args = process.argv.slice(2),\n) {\n process.exitCode = 1\n // Lazily access constants.ENV.NODE_COMPILE_CACHE\n const { NODE_COMPILE_CACHE } = constants.ENV\n const terminatorPos = args.indexOf('--')\n const rawBinArgs = terminatorPos === -1 ? args : args.slice(0, terminatorPos)\n const binArgs = rawBinArgs.filter(\n a => !isProgressFlag(a) && !isNodeOptionsFlag(a),\n )\n const nodeOptionsArg = rawBinArgs.findLast(isNodeOptionsFlag)\n const progressArg = rawBinArgs.findLast(isProgressFlag) !== '--no-progress'\n const otherArgs = terminatorPos === -1 ? [] : args.slice(terminatorPos)\n const permArgs =\n binName === 'npm' &&\n // Lazily access constants.SUPPORTS_NODE_PERMISSION_FLAG.\n constants.SUPPORTS_NODE_PERMISSION_FLAG\n ? await (async () => {\n const cwd = process.cwd()\n const globalPrefix = (\n await spawn('npm', ['prefix', '-g'],
|
|
1
|
+
{"version":3,"file":"shadow-bin.js","sources":["../src/shadow/npm/link.mts","../src/shadow/npm/bin.mts"],"sourcesContent":["import path from 'node:path'\n\nimport cmdShim from 'cmd-shim'\n\nimport constants from '../../constants.mts'\nimport {\n getNpmBinPath,\n getNpxBinPath,\n isNpmBinPathShadowed,\n isNpxBinPathShadowed,\n} from '../../utils/npm-paths.mts'\n\nconst { CLI, NPX } = constants\n\nexport async function installLinks(\n realBinPath: string,\n binName: 'npm' | 'npx',\n): Promise<string> {\n const isNpx = binName === NPX\n // Find package manager being shadowed by this process.\n const binPath = isNpx ? getNpxBinPath() : getNpmBinPath()\n // Lazily access constants.WIN32.\n const { WIN32 } = constants\n // TODO: Is this early exit needed?\n if (WIN32 && binPath) {\n return binPath\n }\n const shadowed = isNpx ? isNpxBinPathShadowed() : isNpmBinPathShadowed()\n // Move our bin directory to front of PATH so its found first.\n if (!shadowed) {\n if (WIN32) {\n await cmdShim(\n // Lazily access constants.distPath.\n path.join(constants.distPath, `${binName}-${CLI}.js`),\n path.join(realBinPath, binName),\n )\n }\n const { env } = process\n env['PATH'] = `${realBinPath}${path.delimiter}${env['PATH']}`\n }\n return binPath\n}\n","import { isDebug } from '@socketsecurity/registry/lib/debug'\nimport {\n isLoglevelFlag,\n isNodeOptionsFlag,\n isProgressFlag,\n} from '@socketsecurity/registry/lib/npm'\nimport { spawn } from '@socketsecurity/registry/lib/spawn'\n\nimport { installLinks } from './link.mts'\nimport constants from '../../constants.mts'\nimport { cmdFlagsToString } from '../../utils/cmd.mts'\n\nimport type { SpawnOptions } from '@socketsecurity/registry/lib/spawn'\n\nconst { SOCKET_CLI_SAFE_BIN, SOCKET_CLI_SAFE_PROGRESS, SOCKET_IPC_HANDSHAKE } =\n constants\n\nexport default async function shadowBin(\n binName: 'npm' | 'npx',\n args = process.argv.slice(2),\n) {\n process.exitCode = 1\n // Lazily access constants.ENV.NODE_COMPILE_CACHE\n const { NODE_COMPILE_CACHE } = constants.ENV\n const terminatorPos = args.indexOf('--')\n const rawBinArgs = terminatorPos === -1 ? args : args.slice(0, terminatorPos)\n const binArgs = rawBinArgs.filter(\n a => !isProgressFlag(a) && !isNodeOptionsFlag(a),\n )\n const nodeOptionsArg = rawBinArgs.findLast(isNodeOptionsFlag)\n const progressArg = rawBinArgs.findLast(isProgressFlag) !== '--no-progress'\n const otherArgs = terminatorPos === -1 ? [] : args.slice(terminatorPos)\n const permArgs =\n binName === 'npm' &&\n // Lazily access constants.SUPPORTS_NODE_PERMISSION_FLAG.\n constants.SUPPORTS_NODE_PERMISSION_FLAG\n ? await (async () => {\n const cwd = process.cwd()\n const stdioPipeOptions: SpawnOptions = { cwd }\n const globalPrefix = (\n await spawn('npm', ['prefix', '-g'], stdioPipeOptions)\n ).stdout.trim()\n const npmCachePath = (\n await spawn('npm', ['config', 'get', 'cache'], stdioPipeOptions)\n ).stdout.trim()\n return [\n '--permission',\n '--allow-child-process',\n // '--allow-addons',\n // '--allow-wasi',\n // Allow all reads because npm walks up directories looking for config\n // and package.json files.\n '--allow-fs-read=*',\n `--allow-fs-write=${cwd}/*`,\n `--allow-fs-write=${globalPrefix}/*`,\n `--allow-fs-write=${npmCachePath}/*`,\n ]\n })()\n : []\n const useDebug = isDebug()\n const useNodeOptions = nodeOptionsArg || permArgs.length\n const isSilent = !useDebug && !binArgs.some(isLoglevelFlag)\n // The default value of loglevel is \"notice\". We default to \"error\" which is\n // two levels quieter.\n const logLevelArgs = isSilent ? ['--loglevel', 'error'] : []\n const spawnPromise = spawn(\n // Lazily access constants.execPath.\n constants.execPath,\n [\n // Lazily access constants.nodeHardenFlags.\n ...constants.nodeHardenFlags,\n // Lazily access constants.nodeNoWarningsFlags.\n ...constants.nodeNoWarningsFlags,\n // Lazily access constants.ENV.INLINED_SOCKET_CLI_SENTRY_BUILD.\n ...(constants.ENV.INLINED_SOCKET_CLI_SENTRY_BUILD\n ? [\n '--require',\n // Lazily access constants.distInstrumentWithSentryPath.\n constants.distInstrumentWithSentryPath,\n ]\n : []),\n '--require',\n // Lazily access constants.distShadowInjectPath.\n constants.distShadowInjectPath,\n // Lazily access constants.shadowBinPath.\n await installLinks(constants.shadowBinPath, binName),\n ...(useDebug ? ['--trace-uncaught', '--trace-warnings'] : []),\n ...(useNodeOptions\n ? [\n `--node-options='${nodeOptionsArg ? nodeOptionsArg.slice(15) : ''}${cmdFlagsToString(permArgs)}'`,\n ]\n : []),\n // Add '--no-progress' to fix input being swallowed by the npm spinner.\n '--no-progress',\n // Add '--loglevel=error' if a loglevel flag is not provided and the\n // SOCKET_CLI_DEBUG environment variable is not truthy.\n ...logLevelArgs,\n ...binArgs,\n ...otherArgs,\n ],\n {\n env: {\n ...process.env,\n ...(NODE_COMPILE_CACHE ? { NODE_COMPILE_CACHE } : undefined),\n },\n // 'inherit' + 'ipc'\n stdio: [0, 1, 2, 'ipc'],\n },\n )\n // See https://nodejs.org/api/child_process.html#event-exit.\n spawnPromise.process.on('exit', (code, signalName) => {\n if (signalName) {\n process.kill(process.pid, signalName)\n } else if (code !== null) {\n // eslint-disable-next-line n/no-process-exit\n process.exit(code)\n }\n })\n spawnPromise.process.send({\n [SOCKET_IPC_HANDSHAKE]: {\n [SOCKET_CLI_SAFE_BIN]: binName,\n [SOCKET_CLI_SAFE_PROGRESS]: progressArg,\n },\n })\n await spawnPromise\n}\n"],"names":["NPX","WIN32","env","SOCKET_IPC_HANDSHAKE","NODE_COMPILE_CACHE","constants","cwd","process","spawnPromise"],"mappings":";;;;;;;;;;AAYA;;AAAaA;AAAI;AAEV;AAIL;AACA;;AAEA;;AACQC;AAAM;AACd;;AAEE;AACF;;AAEA;;AAEE;AACE;AACE;;AAIJ;;AACQC;AAAI;AACZA;AACF;AACA;AACF;;AC3BA;;;AAAuDC;AAAqB;AAG7D;;AAKb;;AACQC;;AACR;AACA;AACA;AAGA;;AAEA;AACA;AAEE;AACAC;AAEM;AACA;AAAyCC;;;;;AAUvC;AACA;AACA;AACA;AACA;;AAOV;AACA;;AAEA;AACA;;;AAGE;;AAGE;;AAEA;;AAEA;AACA;AAGM;AACAD;AAIN;AACAA;AACA;;AAQA;;AAEA;AACA;;AAMAH;;AAEE;AAA2BE;AAAmB;;AAEhD;;AAEF;AAEF;;AAEE;;AAEA;AACE;AACAG;AACF;AACF;AACAC;AACE;;AAEE;AACF;AACF;AACA;AACF;;","debugId":"aa1eba9e-48da-4d61-a375-eae39c06793d"}
|
|
@@ -4,11 +4,11 @@ export declare function getSocketPrTitlePattern(purl: string, workspaceName?: st
|
|
|
4
4
|
export declare function getSocketPullRequestTitle(purl: string, newVersion: string, workspaceName?: string | undefined): string;
|
|
5
5
|
export declare function getSocketPullRequestBody(purl: string, newVersion: string, workspaceName?: string | undefined): string;
|
|
6
6
|
export declare function getSocketCommitMessage(purl: string, newVersion: string, workspaceName?: string | undefined): string;
|
|
7
|
+
export declare function gitCleanFdx(cwd?: string): Promise<void>;
|
|
7
8
|
export declare function gitCreateAndPushBranch(branch: string, commitMsg: string, filepaths: string[], cwd?: string): Promise<boolean>;
|
|
8
9
|
export declare function gitEnsureIdentity(cwd?: string): Promise<void>;
|
|
9
10
|
export declare function gitResetAndClean(branch?: string, cwd?: string): Promise<void>;
|
|
10
11
|
export declare function gitResetHard(branch?: string, cwd?: string): Promise<void>;
|
|
11
|
-
export declare function gitCleanFdx(cwd?: string): Promise<void>;
|
|
12
12
|
export declare function gitRemoteBranchExists(branch: string, cwd?: string): Promise<boolean>;
|
|
13
13
|
export declare function gitUnstagedModifiedFiles(cwd?: string): Promise<string[]>;
|
|
14
14
|
//# sourceMappingURL=git.d.mts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"git.d.mts","sourceRoot":"","sources":["../../../../src/commands/fix/git.mts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"git.d.mts","sourceRoot":"","sources":["../../../../src/commands/fix/git.mts"],"names":[],"mappings":"AAuBA,wBAAgB,gBAAgB,WAQ/B;AAED,wBAAgB,mBAAmB,CACjC,IAAI,EAAE,MAAM,EACZ,UAAU,EAAE,MAAM,EAClB,aAAa,CAAC,EAAE,MAAM,GAAG,SAAS,GACjC,MAAM,CAUR;AAED,wBAAgB,uBAAuB,CACrC,IAAI,EAAE,MAAM,EACZ,aAAa,CAAC,EAAE,MAAM,GAAG,SAAS,GACjC,MAAM,CASR;AAED,wBAAgB,yBAAyB,CACvC,IAAI,EAAE,MAAM,EACZ,UAAU,EAAE,MAAM,EAClB,aAAa,CAAC,EAAE,MAAM,GAAG,SAAS,GACjC,MAAM,CAKR;AAED,wBAAgB,wBAAwB,CACtC,IAAI,EAAE,MAAM,EACZ,UAAU,EAAE,MAAM,EAClB,aAAa,CAAC,EAAE,MAAM,GAAG,SAAS,GACjC,MAAM,CAKR;AAED,wBAAgB,sBAAsB,CACpC,IAAI,EAAE,MAAM,EACZ,UAAU,EAAE,MAAM,EAClB,aAAa,CAAC,EAAE,MAAM,GAAG,SAAS,GACjC,MAAM,CAKR;AAED,wBAAsB,WAAW,CAAC,GAAG,SAAgB,GAAG,OAAO,CAAC,IAAI,CAAC,CAGpE;AAED,wBAAsB,sBAAsB,CAC1C,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,MAAM,EAAE,EACnB,GAAG,SAAgB,GAClB,OAAO,CAAC,OAAO,CAAC,CAkBlB;AAED,wBAAsB,iBAAiB,CAAC,GAAG,SAAgB,GAAG,OAAO,CAAC,IAAI,CAAC,CA6B1E;AAED,wBAAsB,gBAAgB,CACpC,MAAM,SAAS,EACf,GAAG,SAAgB,GAClB,OAAO,CAAC,IAAI,CAAC,CAKf;AAED,wBAAsB,YAAY,CAChC,MAAM,SAAS,EACf,GAAG,SAAgB,GAClB,OAAO,CAAC,IAAI,CAAC,CAGf;AAED,wBAAsB,qBAAqB,CACzC,MAAM,EAAE,MAAM,EACd,GAAG,SAAgB,GAClB,OAAO,CAAC,OAAO,CAAC,CAelB;AAED,wBAAsB,wBAAwB,CAC5C,GAAG,SAAgB,GAClB,OAAO,CAAC,MAAM,EAAE,CAAC,CAOnB"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"npm-fix.d.mts","sourceRoot":"","sources":["../../../../src/commands/fix/npm-fix.mts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"npm-fix.d.mts","sourceRoot":"","sources":["../../../../src/commands/fix/npm-fix.mts"],"names":[],"mappings":"AAoDA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAA;AAEvD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,qCAAqC,CAAA;AAwBrE,wBAAsB,MAAM,CAC1B,aAAa,EAAE,UAAU,EACzB,EACE,SAAS,EACT,GAAG,EACH,MAAM,EACN,KAAK,EACL,KAAK,EACL,UAAU,EACV,IAAI,EACJ,UAAU,GACX,EAAE,oBAAoB,iBAmZxB"}
|
|
@@ -7,12 +7,16 @@ export type CleanupPrsOptions = {
|
|
|
7
7
|
workspaceName?: string | undefined;
|
|
8
8
|
};
|
|
9
9
|
export declare function cleanupOpenPrs(owner: string, repo: string, purl: string, newVersion: string, options?: CleanupPrsOptions | undefined): Promise<void>;
|
|
10
|
-
export
|
|
10
|
+
export type PrAutoMergeState = {
|
|
11
|
+
enabled: boolean;
|
|
12
|
+
details?: string[];
|
|
13
|
+
};
|
|
14
|
+
export declare function enablePrAutoMerge({ node_id: prId, }: Pr): Promise<PrAutoMergeState>;
|
|
11
15
|
export type GitHubRepoInfo = {
|
|
12
16
|
owner: string;
|
|
13
17
|
repo: string;
|
|
14
18
|
};
|
|
15
|
-
export declare function getGitHubEnvRepoInfo(): GitHubRepoInfo;
|
|
19
|
+
export declare function getGitHubEnvRepoInfo(): GitHubRepoInfo | null;
|
|
16
20
|
export type OpenPrOptions = {
|
|
17
21
|
baseBranch?: string | undefined;
|
|
18
22
|
cwd?: string | undefined;
|
|
@@ -20,4 +24,5 @@ export type OpenPrOptions = {
|
|
|
20
24
|
};
|
|
21
25
|
export declare function openPr(owner: string, repo: string, branch: string, purl: string, newVersion: string, options?: OpenPrOptions | undefined): Promise<OctokitResponse<Pr> | null>;
|
|
22
26
|
export declare function prExistForBranch(owner: string, repo: string, branch: string): Promise<boolean>;
|
|
27
|
+
export declare function setGitRemoteGitHubRepoUrl(owner: string, repo: string, token: string, cwd?: string): Promise<void>;
|
|
23
28
|
//# sourceMappingURL=open-pr.d.mts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"open-pr.d.mts","sourceRoot":"","sources":["../../../../src/commands/fix/open-pr.mts"],"names":[],"mappings":"AAsBA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;AACxD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAA;
|
|
1
|
+
{"version":3,"file":"open-pr.d.mts","sourceRoot":"","sources":["../../../../src/commands/fix/open-pr.mts"],"names":[],"mappings":"AAsBA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;AACxD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAA;AAiBrD,wBAAgB,iBAAiB,6CAUhC;AAED,wBAAsB,UAAU,CAAC,CAAC,EAChC,GAAG,EAAE,MAAM,EACX,OAAO,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,EACzB,KAAK,CAAC,EAAE,MAAM,GAAG,SAAS,GACzB,OAAO,CAAC,CAAC,CAAC,CAWZ;AA6BD,MAAM,MAAM,EAAE,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC,cAAc,CAAC,CAAA;AAEtD,MAAM,MAAM,iBAAiB,GAAG;IAC9B,aAAa,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;CACnC,CAAA;AAED,wBAAsB,cAAc,CAClC,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,MAAM,EACZ,UAAU,EAAE,MAAM,EAClB,OAAO,CAAC,EAAE,iBAAiB,GAAG,SAAS,iBAiLxC;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC7B,OAAO,EAAE,OAAO,CAAA;IAChB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;CACnB,CAAA;AAED,wBAAsB,iBAAiB,CAAC,EACtC,OAAO,EAAE,IAAI,GACd,EAAE,EAAE,GAAG,OAAO,CAAC,gBAAgB,CAAC,CA+BhC;AAED,MAAM,MAAM,cAAc,GAAG;IAC3B,KAAK,EAAE,MAAM,CAAA;IACb,IAAI,EAAE,MAAM,CAAA;CACb,CAAA;AAED,wBAAgB,oBAAoB,IAAI,cAAc,GAAG,IAAI,CAW5D;AAED,MAAM,MAAM,aAAa,GAAG;IAC1B,UAAU,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IAC/B,GAAG,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IACxB,aAAa,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;CACnC,CAAA;AAED,wBAAsB,MAAM,CAC1B,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,MAAM,EACZ,UAAU,EAAE,MAAM,EAClB,OAAO,CAAC,EAAE,aAAa,GAAG,SAAS,GAClC,OAAO,CAAC,eAAe,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,CAsCrC;AAED,wBAAsB,gBAAgB,CACpC,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,OAAO,CAAC,CAalB;AAED,wBAAsB,yBAAyB,CAC7C,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,EACb,GAAG,SAAgB,GAClB,OAAO,CAAC,IAAI,CAAC,CAIf"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"pnpm-fix.d.mts","sourceRoot":"","sources":["../../../../src/commands/fix/pnpm-fix.mts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"pnpm-fix.d.mts","sourceRoot":"","sources":["../../../../src/commands/fix/pnpm-fix.mts"],"names":[],"mappings":"AA0DA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAA;AAGvD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,qCAAqC,CAAA;AA+CrE,wBAAsB,OAAO,CAC3B,aAAa,EAAE,UAAU,EACzB,EACE,SAAS,EACT,GAAG,EACH,MAAM,EACN,KAAK,EACL,KAAK,EACL,UAAU,EACV,IAAI,EACJ,UAAU,GACX,EAAE,oBAAoB,iBA0dxB"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"convert_gradle_to_maven.d.mts","sourceRoot":"","sources":["../../../../src/commands/manifest/convert_gradle_to_maven.mts"],"names":[],"mappings":"AAWA,wBAAsB,oBAAoB,CACxC,MAAM,EAAE,MAAM,EACd,GAAG,EAAE,MAAM,EACX,GAAG,EAAE,MAAM,EACX,OAAO,EAAE,OAAO,EAChB,UAAU,EAAE,MAAM,EAAE,
|
|
1
|
+
{"version":3,"file":"convert_gradle_to_maven.d.mts","sourceRoot":"","sources":["../../../../src/commands/manifest/convert_gradle_to_maven.mts"],"names":[],"mappings":"AAWA,wBAAsB,oBAAoB,CACxC,MAAM,EAAE,MAAM,EACd,GAAG,EAAE,MAAM,EACX,GAAG,EAAE,MAAM,EACX,OAAO,EAAE,OAAO,EAChB,UAAU,EAAE,MAAM,EAAE,iBA8FrB"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"bin.d.mts","sourceRoot":"","sources":["../../../../src/shadow/npm/bin.mts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"bin.d.mts","sourceRoot":"","sources":["../../../../src/shadow/npm/bin.mts"],"names":[],"mappings":"AAiBA,wBAA8B,SAAS,CACrC,OAAO,EAAE,KAAK,GAAG,KAAK,EACtB,IAAI,WAAwB,iBA0G7B"}
|
package/dist/vendor.js
CHANGED
|
@@ -19,6 +19,7 @@ var require$$2$2 = require('node:http');
|
|
|
19
19
|
var require$$3$2 = require('node:https');
|
|
20
20
|
var require$$5 = require('node:readline');
|
|
21
21
|
var require$$6$1 = require('../external/@socketsecurity/registry/lib/constants/abort-signal');
|
|
22
|
+
var require$$7$2 = require('../external/@socketsecurity/registry/lib/promises');
|
|
22
23
|
var util$3 = require('node:util');
|
|
23
24
|
var require$$0$b = require('node:url');
|
|
24
25
|
var require$$0$c = require('node:os');
|
|
@@ -24592,7 +24593,7 @@ var isInteractiveExports = /*@__PURE__*/ requireIsInteractive();
|
|
|
24592
24593
|
var dist = {};
|
|
24593
24594
|
|
|
24594
24595
|
var name = "@socketsecurity/sdk";
|
|
24595
|
-
var version = "1.4.
|
|
24596
|
+
var version = "1.4.38";
|
|
24596
24597
|
var license = "MIT";
|
|
24597
24598
|
var description = "SDK for the Socket API client";
|
|
24598
24599
|
var author = {
|
|
@@ -24675,36 +24676,36 @@ var scripts = {
|
|
|
24675
24676
|
"update:deps": "npx --yes npm-check-updates"
|
|
24676
24677
|
};
|
|
24677
24678
|
var dependencies = {
|
|
24678
|
-
"@socketsecurity/registry": "1.0.
|
|
24679
|
+
"@socketsecurity/registry": "1.0.194"
|
|
24679
24680
|
};
|
|
24680
24681
|
var devDependencies = {
|
|
24681
24682
|
"@biomejs/biome": "1.9.4",
|
|
24682
|
-
"@dotenvx/dotenvx": "1.44.
|
|
24683
|
+
"@dotenvx/dotenvx": "1.44.1",
|
|
24683
24684
|
"@eslint/compat": "1.2.9",
|
|
24684
24685
|
"@eslint/js": "9.27.0",
|
|
24685
|
-
"@types/node": "22.15.
|
|
24686
|
+
"@types/node": "22.15.21",
|
|
24686
24687
|
"@typescript-eslint/parser": "8.32.1",
|
|
24687
|
-
"@vitest/coverage-v8": "3.1.
|
|
24688
|
+
"@vitest/coverage-v8": "3.1.4",
|
|
24688
24689
|
"del-cli": "6.0.0",
|
|
24689
24690
|
eslint: "9.27.0",
|
|
24690
|
-
"eslint-import-resolver-typescript": "4.3.
|
|
24691
|
-
"eslint-plugin-import-x": "4.
|
|
24691
|
+
"eslint-import-resolver-typescript": "4.3.5",
|
|
24692
|
+
"eslint-plugin-import-x": "4.12.2",
|
|
24692
24693
|
"eslint-plugin-jsdoc": "50.6.17",
|
|
24693
24694
|
"eslint-plugin-n": "17.18.0",
|
|
24694
24695
|
"eslint-plugin-sort-destructure-keys": "2.0.0",
|
|
24695
24696
|
"eslint-plugin-unicorn": "56.0.1",
|
|
24696
24697
|
globals: "16.1.0",
|
|
24697
24698
|
husky: "9.1.7",
|
|
24698
|
-
knip: "5.
|
|
24699
|
+
knip: "5.57.1",
|
|
24699
24700
|
"lint-staged": "16.0.0",
|
|
24700
24701
|
nock: "14.0.4",
|
|
24701
|
-
"npm-run-all2": "8.0.
|
|
24702
|
+
"npm-run-all2": "8.0.3",
|
|
24702
24703
|
"openapi-typescript": "6.7.6",
|
|
24703
24704
|
oxlint: "0.16.11",
|
|
24704
24705
|
"type-coverage": "2.29.7",
|
|
24705
24706
|
typescript: "~5.8.3",
|
|
24706
24707
|
"typescript-eslint": "8.32.1",
|
|
24707
|
-
vitest: "3.1.
|
|
24708
|
+
vitest: "3.1.4"
|
|
24708
24709
|
};
|
|
24709
24710
|
var overrides = {
|
|
24710
24711
|
vite: "6.3.5"
|
|
@@ -24716,7 +24717,7 @@ var files = [
|
|
|
24716
24717
|
"dist/**",
|
|
24717
24718
|
"types/**"
|
|
24718
24719
|
];
|
|
24719
|
-
var require$$
|
|
24720
|
+
var require$$8 = {
|
|
24720
24721
|
name: name,
|
|
24721
24722
|
version: version,
|
|
24722
24723
|
license: license,
|
|
@@ -24758,8 +24759,9 @@ function requireDist () {
|
|
|
24758
24759
|
const node_path_1 = __importDefault(path$1);
|
|
24759
24760
|
const node_readline_1 = __importDefault(require$$5);
|
|
24760
24761
|
const abort_signal_1 = __importDefault(require$$6$1);
|
|
24762
|
+
const promises_1 = require$$7$2;
|
|
24761
24763
|
// @ts-ignore: Avoid TS import attributes error.
|
|
24762
|
-
const package_json_1 = __importDefault(require$$
|
|
24764
|
+
const package_json_1 = __importDefault(require$$8);
|
|
24763
24765
|
const DEFAULT_USER_AGENT = createUserAgentFromPkgJson(package_json_1.default);
|
|
24764
24766
|
class ResponseError extends Error {
|
|
24765
24767
|
response;
|
|
@@ -25039,7 +25041,9 @@ function requireDist () {
|
|
|
25039
25041
|
async *#createBatchPurlGenerator(queryParams, componentsObj) {
|
|
25040
25042
|
let res;
|
|
25041
25043
|
try {
|
|
25042
|
-
res = await this.#createBatchPurlRequest(queryParams, componentsObj)
|
|
25044
|
+
res = await (0, promises_1.pRetry)(() => this.#createBatchPurlRequest(queryParams, componentsObj), {
|
|
25045
|
+
retries: 4
|
|
25046
|
+
});
|
|
25043
25047
|
}
|
|
25044
25048
|
catch (e) {
|
|
25045
25049
|
return await this.#handleApiError(e);
|
|
@@ -61088,5 +61092,5 @@ exports.terminalLinkExports = terminalLinkExports;
|
|
|
61088
61092
|
exports.updater = updater;
|
|
61089
61093
|
exports.yargsParser = yargsParser;
|
|
61090
61094
|
exports.yoctocolorsCjsExports = yoctocolorsCjsExports;
|
|
61091
|
-
//# debugId=
|
|
61095
|
+
//# debugId=a0e36d77-bdad-44de-9a65-0a08ae50ee2
|
|
61092
61096
|
//# sourceMappingURL=vendor.js.map
|